JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 39.152.38.173

39.152.38.173 was found in our database!

This IP was reported 292 times. Confidence of Abuse is 47%: ?

47%

ISP	China Mobile Communications Corporation
Usage Type	Fixed Line ISP
ASN	AS56044
Domain Name	chinamobile.com
Country	🇨🇳 China
City	Shenyang, Liaoning

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 39.152.38.173

Whois 39.152.38.173

IP Abuse Reports for 39.152.38.173:

This IP address has been reported a total of 292 times from 62 distinct sources. 39.152.38.173 was first reported on August 14th 2022, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 zulzeen	2026-06-29 08:12:34 (1 day ago)	[incypit-web] Blocked by SysWarden Firewall [GEO] (SMB/Possible Ransomware Attack)	Hacking Brute-Force
🇺🇸 cwytech	2026-06-29 08:01:41 (1 day ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/global-exclusion-high.	Hacking
🇩🇪 Luhte	2026-06-29 07:48:17 (1 day ago)	Unsolicited TCP connection from 39.152.38.173 to port 0 at 2026-06-29T07:48:17Z. Source IP completed ... show more Unsolicited TCP connection from 39.152.38.173 to port 0 at 2026-06-29T07:48:17Z. Source IP completed three-way handshake to non-public service on this host. Detected by automated intrusion monitoring. show less	Port Scan Hacking
🇫🇷 sthoyer.de	2026-06-22 05:41:08 (1 week ago)	Jun 22 07:41:06 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f ... show more Jun 22 07:41:06 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=39.152.38.173 DST=173.212.223.67 LEN=52 TOS=0x00 PREC=0x00 TTL=112 ID=981 DF PROTO=TCP SPT=2228 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇩🇪 guldkage	2026-06-16 03:53:39 (2 weeks ago)	Unauthorized connection attempt detected from IP address 39.152.38.173 to port 445 (ger-02) [SMB]	Exploited Host
🇬🇧 PeravixGroup	2026-06-06 03:22:28 (3 weeks ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 RAP	2026-05-25 00:30:16 (1 month ago)	2026-05-25 00:30:16 UTC Unauthorized activity to TCP port 445. SMB	Port Scan
🇫🇷 geeek	2026-05-22 23:57:53 (1 month ago)	Port scanning: 445 TCP Blocked	Port Scan
🇵🇱 nfsec.pl	2026-05-22 07:33:07 (1 month ago)	Detected: TCP scan on port: 445 with flags: SYN	Port Scan
Anonymous	2026-05-19 00:42:08 (1 month ago)	Unauthorized access (tcp/445/smb)	Port Scan
🇬🇧 Birdo	2026-05-14 04:36:18 (1 month ago)	[Birdo SMB Honeypot] SMB unauthorized attempt	Exploited Host Brute-Force Port Scan Hacking
🇩🇪 IP Analyzer	2026-05-07 05:30:05 (1 month ago)	Unauthorized connection attempt from IP address 39.152.38.173 on Port 445(SMB)	Port Scan
🇫🇷 sthoyer.de	2026-04-29 07:33:52 (2 months ago)	Apr 29 09:33:51 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f ... show more Apr 29 09:33:51 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=39.152.38.173 DST=173.212.223.67 LEN=52 TOS=0x14 PREC=0x60 TTL=112 ID=16479 DF PROTO=TCP SPT=2141 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇫🇷 sthoyer.de	2026-04-23 03:05:04 (2 months ago)	Apr 23 05:05:04 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f ... show more Apr 23 05:05:04 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=39.152.38.173 DST=173.212.223.67 LEN=52 TOS=0x14 PREC=0x60 TTL=112 ID=8942 DF PROTO=TCP SPT=2139 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 drewf.ink	2026-04-23 01:02:44 (2 months ago)	[01:02] Triggered SMB honeypot on port 445. Type: NetBIOS + SMB1. Dialect(s): LANMAN1.0, LM1.2X002, ... show more [01:02] Triggered SMB honeypot on port 445. Type: NetBIOS + SMB1. Dialect(s): LANMAN1.0, LM1.2X002, NT LANMAN 1.0, NT LM 0.12 show less	Hacking Exploited Host

Showing 1 to 15 of 292 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 198.244.240.141

🇫🇮 178.20.210.152

🇻🇳 123.31.20.162

🇻🇳 113.160.187.54

🇲🇽 104.243.245.100

🇺🇸 104.152.52.203

🇩🇪 69.5.169.76

🇫🇷 62.210.199.83

🇳🇱 45.148.10.157

🇬🇧 35.203.210.228

🇸🇬 4.194.18.173

🇲🇽 189.167.222.105

🇲🇽 187.193.181.203

🇨🇳 144.123.37.78

🇮🇩 115.124.73.145

🇮🇩 114.10.148.244

🇺🇸 104.234.32.65

🇺🇸 104.234.32.8

🇮🇳 103.206.147.57

🇮🇩 103.138.68.157